Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    20-05-2024 21:21

General

  • Target

    3c2bcaf8dcc8b9c23ed117ae4fde39c7240e35a4df1a922426fd231976bac2fd.exe

  • Size

    273KB

  • MD5

    bbac91b7067222439278a3f18eb6fe19

  • SHA1

    213333526474f8b4834729ae00e99a5425b56492

  • SHA256

    3c2bcaf8dcc8b9c23ed117ae4fde39c7240e35a4df1a922426fd231976bac2fd

  • SHA512

    5a229a8095bfa0357c47f69e97715ba2cf77b91636f3f4ce6cd9c6ede52bf1ee2897023484e9f01b864a80d463c5c8a1af0ebef1343d02260d22dccfb15bd331

  • SSDEEP

    6144:zHXM7xuP5m0WGhytK0a86AnwU5i04sZa6n:DM7xkP86Anwh0dFn

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3c2bcaf8dcc8b9c23ed117ae4fde39c7240e35a4df1a922426fd231976bac2fd.exe
    "C:\Users\Admin\AppData\Local\Temp\3c2bcaf8dcc8b9c23ed117ae4fde39c7240e35a4df1a922426fd231976bac2fd.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2844
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2844 -s 52
      2⤵
      • Program crash
      PID:2580

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2844-0-0x0000000000020000-0x0000000000021000-memory.dmp

    Filesize

    4KB

  • memory/2844-1-0x0000000000020000-0x0000000000021000-memory.dmp

    Filesize

    4KB